[sudo-users] sudo segfaults when talking to ldap
Mauricio Tavares
raubvogel at gmail.com
Mon Jun 16 12:16:27 MDT 2014
This is ubuntu 14.04LTS, and sudo in question is (should be)
1.8.9 per http://packages.ubuntu.com/trusty/sudo-ldap. When I tried
using it, it would talk to the ldap server and then segfault:
raub at testfirewall:~$ sudo pwd
sudo: LDAP Config Summary
sudo: ===================
sudo: uri ldap://kdc.domain.com ldap://kdc2.domain.com
sudo: ldap_version 3
sudo: sudoers_base ou=SUDOers,dc=domain,dc=com
sudo: binddn (anonymous)
sudo: bindpw (anonymous)
sudo: bind_timelimit 3
sudo: timelimit 3
sudo: deref 0
sudo: ssl start_tls
sudo: tls_cacertfile /etc/ssl/certs/ca-
certificates.crt
sudo: use_sasl yes
sudo: sasl_auth_id (NONE)
sudo: rootuse_sasl -1
sudo: rootsasl_auth_id (NONE)
sudo: sasl_secprops (NONE)
sudo: krb5_ccname FILE:/tmp/host.tkt
sudo: ===================
sudo: ldap_set_option: debug -> 0
sudo: ldap_set_option: tls_cacertfile -> /etc/ssl/certs/ca-certificates.crt
sudo: ldap_set_option: tls_cacert -> /etc/ssl/certs/ca-certificates.crt
sudo: ldap_initialize(ld, ldap://kdc.domain.com ldap://kdc2.domain.com)
sudo: ldap_set_option: ldap_version -> 3
sudo: ldap_set_option: timelimit -> 3
sudo: ldap_set_option(LDAP_OPT_TIMEOUT, 3)
sudo: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT, 3)
sudo: ldap_start_tls_s() ok
sudo: sudo_ldap_sasl_interact: SASL_CB_USER
Segmentation fault (core dumped)
raub at testfirewall:~$
syslog seems to imply there is something interesting with libc (could
be me second guessing here):
Jun 5 15:16:26 testfirewall kernel: [2068248.457275] sudo[22925]:
segfault at 0 ip 00007f2feb02692a sp 00007ffff55073b8 error 4 in
libc-2.19.so[7f2feaf9d000+1bc000]
If I disable ldap, it seems to work fine. Any suggestions of where I
should be going next?
More information about the sudo-users
mailing list